• Phishmas Alert: Tackling Holiday Season Cyber Threats: Cyber Security Today Weekend November 23, 2024
    Nov 23 2024

    Phishmas Alert: Tackling Holiday Season Cyber Threats

    In this episode of Cybersecurity Today, the weekend show, the host is joined by guest David Shipley to discuss the rise in phishing activities during the holiday season, humorously dubbed 'Phishmas.' They delve into the psychology behind phishing, the impact of seasonal stress on individuals, and the tactics cybercriminals use to exploit these conditions. The episode also highlights recent research on phishing trends, the broader scope of consumer fraud, and the challenges faced by law enforcement in combating these crimes. Practical advice for individuals and organizations to protect themselves is also provided, along with a call to action for greater governmental response and individual vigilance.

    00:00 Introduction to Phishmas
    00:41 The Importance of Good Research
    01:01 Understanding Data vs. Facts
    02:02 Phishing During the Holiday Season
    03:13 The Mechanics of Phishing Scams
    04:51 The Role of Typo-Squatting in Phishing
    06:13 The Evolution of Phishing Techniques
    09:16 The Human Factor in Phishing
    13:10 The Impact of AI on Phishing
    18:19 Psychological Tactics in Phishing
    21:08 Retailer Perspective on Cyber Threats
    22:21 Rise of Fraud in North America
    22:57 Impact of Fraud on Individuals
    24:01 Challenges in Combating Fraud
    27:59 Strategies to Protect Yourself
    32:25 Role of Retailers and Banks
    35:45 Political and Legislative Actions
    38:47 Final Thoughts and Call to Action

    Show More Show Less
    42 mins
  • Google's AI Driven Fuzz Tool Finds Decades Old Vulnerability: Cyber Security Today, Friday November 22, 2024
    Nov 22 2024

    Cybersecurity Today: Zero Day Flaws, FinTech Breach, Phishing Scams & More

    In today's episode, host Jim Love discusses critical updates in the cybersecurity world. Discover the latest zero day vulnerabilities patched by Apple, a significant data breach at Fintech giant Finastra, emerging phishing attack tactics using Microsoft Visio files and SVG attachments, and the launch of a new privacy-focused telecom service, CAPE. Additionally, learn about Google's AI-powered OSS Fuzz tool, which uncovered a critical flaw in the OpenSSL library. Stay informed to protect yourself and your organization from sophisticated cyber threats.

    00:00 Introduction and Sponsor Message
    00:59 Emerging Phishing Attack Strategies
    03:12 Finastra Data Breach Investigation
    04:49 Launch of CAPE: A Privacy-Focused Telecom Service
    06:19 Apple's Emergency Updates for Zero-Day Vulnerabilities
    07:29 Google's OSS Fuzz Uncovers Critical Vulnerabilities
    09:07 Conclusion and Podcast Information

    Show More Show Less
    10 mins
  • Microsoft Unveils New Cybersecurity Features at Ignite Conference: Cyber Security Today for November 20, 2024
    Nov 20 2024

    Cybersecurity Today: Microsoft Updates, Gen AI Risks, and Liminal Panda Threat

    In this episode of Cybersecurity Today, host Jim Love discusses major cybersecurity updates from Microsoft's Ignite conference, including enhancements to Windows security and device recovery. A survey by LegitSecurity highlights the security risks associated with generative AI in software development. CrowdStrike reveals Liminal Panda, a Chinese cyber threat to telecoms. Additionally, a report from the EPA's Office of Inspector General exposes significant cybersecurity vulnerabilities in U.S. drinking water systems. This episode is brought to you by CDW Canada Tech Talks.

    00:00 Introduction and Sponsor Message
    00:42 Microsoft's New Cybersecurity Features
    02:10 Generative AI and Software Development Risks
    04:30 Liminal Panda: A New Cyber Threat
    06:24 Cybersecurity Vulnerabilities in US Water Systems
    08:35 Conclusion and Sponsor Acknowledgment

    Show More Show Less
    9 mins
  • Unknown Attacker Tries To Frame Security Researcher: Cyber Security Today for Monday, November 18th, 2024
    Nov 18 2024

    Cybersecurity Today: GitHub Attacks & Microsoft's November Patch Tuesday Updates

    In this episode of Cybersecurity Today, host Jim Love highlights critical cybersecurity updates. The episode covers malicious attacks on GitHub projects, including an orchestrated attempt to frame Texas-based security researcher Mike Bell, and the associated impact on open-source repositories. Additionally, Microsoft's November Patch Tuesday is discussed in detail, with over 90 security issues disclosed, including four critical zero-day vulnerabilities. The episode also addresses a new ransomware strain exploiting vulnerabilities in Veeam backup software, and the disruptions caused by Microsoft's flawed Exchange Server security update. Stay informed on the latest cybersecurity trends and threats.

    00:00 Introduction and Sponsor Message
    00:29 Cybersecurity Headlines
    00:46 GitHub Malicious Code Attack
    03:24 Microsoft November Patch Tuesday
    05:17 Veeam Backup Software Vulnerability
    07:02 Microsoft Exchange Server Update Issues
    08:47 Conclusion and Sign-Off

    Show More Show Less
    9 mins
  • AI in Action: Project Synapse With Marcel Gagne and John Pinard. Cyber Security Today Weekend Edition for November 16, 2024
    Nov 16 2024

    Cybersecurity Today - Weekend Edition: Project Synapse, AI in Action (Episode 2)

    In this episode of Cybersecurity Today with host Jim Love, we dive into the intersection of Artificial Intelligence (AI) and cybersecurity, continuing our exploration in the series Project Synapse. Joined by Linux and open-source expert Marcel Gagné and cybersecurity professional John Pinard, we discuss practical applications of AI in business, strategies to implement AI securely, and the rapid technological advancements that pose challenges for companies. Tune in to learn how experimentation with AI can innovate business processes while figuring out what tools and strategies can add real value to your operations. This episode emphasizes the importance of maintaining security and developing a solid business strategy in the evolving landscape of artificial intelligence.

    00:00 Introduction to Cybersecurity Today
    01:14 Meet the Hosts and Guests
    02:08 Project Synapse: AI in Action
    02:20 Current State of AI and Security Concerns
    04:20 Challenges and Opportunities in AI Adoption
    06:36 Business Strategies in the Age of AI
    11:35 The Importance of Experimentation and Play
    20:26 Innovative Uses of AI in Everyday Life
    23:53 Cultural Shift in Business
    24:27 Rise of AI Agents
    25:13 Challenges with AI Models
    25:45 Specialized AI Agents
    28:17 AI in Accounting and Business
    32:12 AI in Customer Service
    33:40 Workshops and Practical AI Applications
    48:17 Security Concerns with AI
    49:40 Conclusion and Future Plans

    Show More Show Less
    51 mins
  • New Report Details Cyber Security Scams For Retailers At Christmas: Cyber Security Today for Friday, November 15, 2024
    Nov 15 2024

    Holiday Cyber Threats, Secret Service Surveillance & AI Safety with DOE

    In today's episode of Cybersecurity Today, host Jim Love covers essential cybersecurity topics heating up this holiday season. A new report from B4AI unveils sophisticated scams targeting online shoppers, including brand spoofing, fake apps, and fraudulent sites designed to steal credentials. Jim also delves into the U.S. Secret Service’s controversial use of location data without warrants, exploring the debate over privacy and government surveillance. Lastly, the episode highlights Anthropics Claude AI’s collaboration with the Department of Energy to ensure AI models cannot be misused for developing nuclear weapons, setting a precedent for future AI safety measures in government. Tune in for these stories and more on Cybersecurity Today.

    00:00 Cybersecurity Threats Targeting Holiday Shoppers
    04:00 Secret Service's Controversial Use of Location Data
    06:07 Anthropic's AI Collaboration for Nuclear Safety
    08:26 Conclusion and Additional Resources

    Show More Show Less
    9 mins
  • Cisco Hits A Perfect 10 With A Critical Flaw in Industrial Wireless Systems: Cyber Security Today for Wednesday, November 13, 2024
    Nov 13 2024

    In this episode, we discuss urgent cybersecurity concerns: Cisco's critical vulnerability affecting industrial wireless systems with a CVSS 10 rating, D-Link's refusal to patch severe flaws in over 60,000 outdated NAS devices, and Amazon's data breach tied to the MoveIT vulnerability. We'll also cover the importance of strong off-boarding processes, drawing lessons from a Disney insider threat incident involving a former employee. Join us as we dive deep into the latest security alerts and best practices to safeguard your systems and data.

    00:00 Critical Flaw in Cisco's Industrial Wireless Systems
    02:07 D-Link's Unpatched Vulnerabilities in NAS Devices
    03:22 Amazon Employee Data Exposed in MoveIT Breach
    04:41 Lessons from Disney's Insider Threat Incident
    06:37 Conclusion and Final Thoughts

    Show More Show Less
    7 mins
  • Mysterious iPhone Reboots Frustrate Law Enforcement: Cyber Security Today for Monday, November 11, 2024
    Nov 11 2024

    CyberSecurity Today: Zip File Attacks, iPhone Reboots, and LLM Vulnerabilities

    In today's episode, host Jim Love discusses hackers leveraging zip file concatenation to evade detection, mysterious iPhone reboots hindering police investigations, and Mozilla's Odin's in-depth analysis of security issues in a large language model. Discover how cybercriminals hide Trojans in zip files, how the iOS 18 feature Before First Unlock (BFU) could be affecting forensic examinations, and explore the intricacies of prompt injections and security implications in ChatGPT. Plus, tune in for an exclusive interview with Marco Figueroa from Mozilla's Odin Bug Bounty project to delve deeper into these findings.

    00:00 Introduction and Headlines
    00:21 Hackers Exploit Zip File Concatenation
    01:48 Phishing Campaign with Remcos RAT
    03:12 Mysterious iPhone Reboots
    04:18 Mozilla's Odin Project and LLM Security
    06:40 Conclusion and Afterwords

    Show More Show Less
    16 mins